Search This Blog

Friday, July 19, 2013

Although I had switched to Virtual Box for a while, I still have no choice but to open up some older VMs in VMWare to migrate or retrieve information from them. One such VM gave a similar error as above and in fact, it is not even a persistence VM. The very thought that I have to rebuild this VM strike horror in my heart, but luckily the good news is that I did not need to do that to resolve this issue.

It turns out that this usually happens after you had not power up the VM for a while and over a few version of VMWare upgrade. Somehow the lock file just get corrupted. Go into your VM Machine's directory and you will see some directories with *lck* and maybe 1 or 2 tiny files inside. Well those are are source of the issues.

Simply delete all those directories with the tiny files with the lck extension or keyword in them. That fixed my problem and the VM is back booting up happily. If you want to be safe, you can always make a copy of the VM or a copy of those directories before you go ahead with the deletion.

It is a simple problem, but VMWare seems to make it into such a big issue that your VM no longer starts. But luckily the fix is just as simple.

Wednesday, July 17, 2013

Ever seen this before? Well, this is an old version of Windows, but it would look somewhat similar when you have policies that preset and prevents you from doing a Windows Update. Usually there is nothing you can do about it and hope that you will eventually get the patch, thanks to your company, but if you are the owner of this machine and has admin rights, then read on.

Usually this is caused by GPO or similar policies preventing you from updating. Or you are not in the administrator group. To solve the GPO, you will need to fire up regedit.

Set "Remove Access" to All and "Windows Update features" to Not Configured.

On server, you may be able to run "gpupdate /force" to restart the policies, but a reboot is one sure way to get it done.

Next, we sometimes wants to fire up Windows Update and do a on demand update. But in a company wide deployment, often you will get a no access page at Microsoft because the Windows Update Server is set to local. So, here is the way to get it done, via script of in command prompt.

You can skip this steps sometimes, but I find that the sure way to trigger the update is sometimes to shutdown and restart the Windows Update Service like this:

net stop wuauserv

net start wuauserv

After this, you can start the actual trigger to Windows Update:

wuauclt /detectnow

This should make the yellow shield at the tray pops up. You may want to see a update status by:

wuauclt /r /ReportNow

This will communicate with the update server and takes a few minutes.

And when something does crap out, there is always a very detail log in %systemroot%/WindowsUpdate.log. You will find all your problems inside be it wrong server, connection timeout etc.

Now, the above can definitely be put into a script to be run by schedule and you have your own "Automatic Update" so to speak. Have fun updating Windows (and other Microsoft Products)

Friday, July 12, 2013

Usually I do not talk much about Patch Tuesday from Microsoft, but this time round, it totals to about 30 or so updates on most system with Windows and Office. I think that is would the mention. Not only that, there are 6 rated CRITICAL and many which does not have full details on what and how it is exploited as Microsoft got the vulnerability in private. Doesn't that worry you? It should. For all you know some of these vulnerabilities had already been used in the wild, so I suggest you roll in these patches as soon as possible. (How about NOW??)

So, what are fixed in this round? Here is a summary of it:

Kernel driver bug due to TTF (yes, I know your WTF look, why would a TTF font be injected into kernel...?) This allow escalation and there is full source code available.

Several .Net Framework and Silver patches

Vulnerability in GDI+. Seriously, I think they will never get this fix since it comes back every time.

IE. For once, IE 10 is badly hit. Usually most vulnerability would not affect IE 10 (on Win8 especially). Well, this is really the patch you need to install ASAP since IE will be your first point of contact.

Directshow with GIF files. Makes you think how a simple file format thing like PDF, PNG (oh yes, last month we just had one), DOCX or sort. It does seems to have a trend of attacking file formats nowadays.

Windows Media Format. WMF. There we have it, just to prove my previous point.

Windows Defender. It's a path transversal. Well, even the big giants has faults sometimes. But the scary part is Microsoft does patch it... Do you see other AV vendors patching their main program much (I know you get updates, but those are AV signatures, they are different things)?